SONICWALL-FIREWALL-TRAP-MIB MIBS&OIDS not available
sukur55
Newbie ✭
Hello dear community, we are planning to create nagios checks for monitoring SonicWall firewall High Availability status. the only related SNMP information I have found is amoung FIREWALL-TRAP-MIB and but not getting any response with these MIBS/OIDS. I know base OID for tree is like "1.3.6.1.4.1.8741.1.1" but it returns nothing with snmpwalk , so nothing available under this tree. Anyone can explain reason?
Category: High End Firewalls
0
Answers
Because it's not implemented, unfortunately. An OID for trapping won't necessarily work for polling.
We monitor HA state transitions by polling the OID for the serial number of the virtual IP and then raise an alert if it changes since last poll. It's not perfect but it lets us know when something has happened.
You can also configure logging system to send emails on "firewall has transitioned to Active" events.
You will be glad to see that you find out the IP addresses of 168 unconfigured syslog servers, so there's that :D
SONICWALL-FIREWALL-IP-STATISTICS-MIB::sonicSyslogServerAddr.1 = IpAddress: 0.0.0.0
SONICWALL-FIREWALL-IP-STATISTICS-MIB::sonicSyslogServerAddr.2 = IpAddress: 0.0.0.0
SONICWALL-FIREWALL-IP-STATISTICS-MIB::sonicSyslogServerAddr.3 = IpAddress: 0.0.0.0
SONICWALL-FIREWALL-IP-STATISTICS-MIB::sonicSyslogServerAddr.4 = IpAddress: 0.0.0.0
etc
We monitor HA state transitions by polling the OID for the serial number of the virtual IP and then raise an alert if it changes since last poll. It's not perfect but it lets us know when something has happened
this part is interesting probably I can also use it? can you explain in detail a bit.
Not really much more detail to give, tbh. Monitor value of
SNWL-COMMON-MIB::snwlSysSerialNumber.0
If it ever changes, then there was an HA transition.
Obviously, would be great if there was an OID you could poll that explicitly says if it's active or standby, but there isn't.